Why you don’t have to choose between productivity and security with DLP

Flash-driveYou sit down, ready to save a file to a USB drive so you can finish up a project over the weekend. You’ve experienced the dreaded security lock that prevented access to a web page, but now you get a similar message for your download – access denied. The immediate reaction morphs from “Who do I need to authorize this?” to “Get out of my way, I don’t have time for this.” Then comes either a heated phone call to IT, a nasty email, or a face-to-face expression of displeasure at the person who locked you out the file. It’s a waste of time — the indignity of it all.

This scenario plays out at many companies after they deploy Data Loss Prevention (DLP) solutions with file-blocking capabilities. Hard-working employees may attempt to bring work home over a weekend to plan for an upcoming meeting or catch up on important work, but DLP systems stop sensitive data from leaving the server. These roadblocks trade employee productivity for data security — something no company should have to choose.

Most well-meaning employees don’t think twice about copying or sending company files to external media or personal email accounts, but it presents a risk for the company, either as leaked data or noncompliance with certain laws and regulations. DLP solutions halt this movement no matter what employees attempt. Continue Reading…

Tags: , ,

Clearer vision: How to keep an eye on IT security

IT securityAfter discussions with hundreds of IT and security professionals, one concern rises above the rest in the modern IT environment: visibility. How often have you heard or read the phrase “I don’t know what I don’t know?”

Even after years of deploying perimeter controls and endpoint protection, IT is still challenged with identifying and responding to unknown infrastructure threats in a timely manner. This can be attributed to a variety of issues, including changing threats, limited resources, and improperly deployed or configured security controls.

Having identified these challenges as top of mind for IT, how can organizations possibly start to regain security vision? Fear not: Every organization can take steps to repair its vision and gain insight into security and operational events. These steps can be as simple as updating supervisory controls and as complex as deploying next-generation firewalls (NGFWs).

As you look to fortify your IT security, consider these three critical steps: Continue Reading…

Tags: , ,

The 3-step approach to improving IT security

IT securityEvery year we regularly schedule physicals, oil changes, car inspections, and other appointments in order to keep the systems that we depend on running at peak operational efficiency. There might not be anything noticeably wrong to necessitate one of these checkups, but that’s not really the point. The purpose is to take a proactive approach to system maintenance in order to catch any coughs or hiccups that might later call for an expensive fix.

SHI recommends a similar preventative approach to IT security. Organizations need to regularly assess their security programs to pinpoint small issues that could later turn into devastating security leaks. They can do this internally or hire a professional security services team.

To help our customers confirm that they deployed their security controls properly and identify any security gaps that might exist, SHI developed the Security Posture Review (SPR). The SPR is an assessment designed to evaluate various technical and operational security controls within an organization’s IT environment, which will help maximize security spend.

Our SPR consists of three phases: Continue Reading…

Tags: ,

Improving IT security: Why you need to consider Next-Generation Firewalls

IT-firewall

Firewalls can be the star performer in your inventory of security controls. A good firewall not only provides ways to manage user, application, and system behavior, but it also offers multiple avenues for controlling network traffic and can help companies cut back on vendor sprawl.

Yet in order to achieve optimal functionality, organizations must say goodbye to the firewalls of yesterday and welcome the new wave of Next-Generation Firewalls (NGFWs). As Gartner put it, “The firewall market has evolved from simple stateful firewalls to NGFWs, incorporating full stack inspection to support intrusion prevention, application-level inspection, and granular policy control.”

Traditional stateful firewalls are just not as effective as they were in the past due to the increase in intelligent adversaries seeking financial gain over defacement, their lack of specificity for network traffic types, and their inability to control traffic based on other factors, such as geographical region, application, or identity.

NGFWs offer several compelling functional advantages over stateful firewalls that can help organizations overcome these challenges. Continue Reading…

Tags: , ,

3 steps to secure your network for the Internet of Things

everything connectedThe number of devices that rely on network connectivity to do their jobs is skyrocketing — mobile-connected devices will outnumber people in the world by the end of the year, according to Cisco. All those smartphones and tablets are improving productivity and access to data, but they can also become security risks that open your network to attacks. The vulnerability of network connections has always been a problem, but the more devices are linked, the more risks you’ll have to manage, and the more stringent your security will have to be.

No potential threat is greater than the Internet of Things (IoT). As the IoT takes hold in organizations, it will exponentially multiply the number of devices on your network, connecting everything from thermostats and HVAC systems to vehicles and manufacturing equipment. Experts expect 26 billion connected units by 2020.

Every organization is facing the inevitability of the IoT and must take a stand against future security risks now. Here are three things you should do to take control of your connectivity and head off any risks as we brace for an explosion of devices as part of the IoT. Continue Reading…

Tags: , , ,

Improving IT security: Why you need to consider Next-Generation Firewalls

NGFWFirewalls can be the star performer in your inventory of security controls. A good firewall not only provides ways to manage user, application, and system behavior, but it also offers multiple avenues for controlling network traffic and can help companies cut back on vendor sprawl.

Yet in order to achieve optimal functionality, organizations must say goodbye to the firewalls of yesterday and welcome the new wave of Next-Generation Firewalls (NGFWs). As Gartner put it, “The firewall market has evolved from simple stateful firewalls to NGFWs, incorporating full stack inspection to support intrusion prevention, application-level inspection, and granular policy control.”

Traditional stateful firewalls are just not as effective as they were in the past due to the increase in intelligent adversaries seeking financial gain over defacement, their lack of specificity for network traffic types, and their inability to control traffic based on other factors, such as geographical region, application, or identity.

NGFWs offer several compelling functional advantages over stateful firewalls that can help organizations overcome these challenges. Continue Reading…

Tags: , ,

How to prepare for the end of Windows XP

Organizations will face a predictable IT operations and security challenge this year when Microsoft ceases support for Windows XP. Effective April 8, 2014, Microsoft will no longer publish security updates and hotfixes for the operating system.

Recently, Microsoft said it will extend updates for Windows XP security products through July 14, 2015. But even with that extension, organizations aren’t in the clear. Though Microsoft will provide signature updates to Microsoft Security Essentials that will aid in blocking attacks against security vulnerabilities, it will not patch those vulnerabilities or impact those users not using Microsoft Security Essentials. This means that vulnerabilities discovered after the end-of-life will continue to remain despite this increased support window.

This might not seem significant but according to the Common Vulnerabilities and Exposures database published by Mitre, 721 Windows XP vulnerabilities have been identified over the last 13 years. One hundred sixty-six of which are highly exploitable code execution vulnerabilities that have been discovered in the last five years.

So what do you do with legacy systems that have reached their end of life? Here are three simple steps that can help prepare your IT lifecycle.

1. Identify
First you need to identify the scope of the Windows XP desktops and laptops in your IT environment. This step can be as simple as accessing Active Directory or performing an Nmap fingerprint scan on your networks. Support tools, such as help desk systems, the Microsoft System Center Configuration Manager (SCCM), and Windows Server Update Services (WSUS), can also assist in this effort. Organizations should be forewarned that these tools often only provide 90 percent accuracy since legacy laptops and systems might not exist under your domain or are only connected intermittently. Continue Reading…

Tags: ,

The biggest IT security threats and how to prevent them

If the news is any indication, IT security (or the lack thereof) is a growing concern among companies of all sizes. In the wake of reports that Chinese hackers are engaging in commercial cyber-espionage, some companies are calling for a go-ahead to hack right back when they fall victim to such security threats. Breaches by hackers from Syria, Iran, and other countries around the world signal the need for a new approach to guarding IT infrastructure.

But even beyond hackers, there are a number of threats to corporate IT systems that can disrupt business and gouge bottom lines. Let’s look at some of the major threats and how companies of all sizes can mount a defense to keep their systems secure.

Top four IT security threats

From outsiders to your own employees, here are definitions for four of the most common vulnerabilities in corporate networks:

  • Hackers. One of the oldest and most commonly understood threats, hackers work as individuals or groups to leverage weaknesses in an organization’s IT infrastructure to gain access to its systems. Through the years this access has dramatically evolved from young pranksters seeking little more than bragging rights to today’s organized groups of cyber criminals stealing financial and proprietary information for financial or political gain. Today’s hackers use both manual and automated processes to break into an organization’s IT infrastructure.
  • Malware. Malware refers to any type of malicious software used to infiltrate private computers or networks in order to gain access to sensitive data. Malware is also used to slow down system performance by utilizing memory, CPU, and other system resources. Wikipedia offers a comprehensive list of the different types of malware, including computer viruses, worms, trojan horses, rootkits, keyloggers, dialers, spyware, adware, malicious browser plug-ins, and rogue security software. Continue Reading…
Tags: , , ,